An immutable, timestamped record of every action taken in a system — who accessed what, when, and from where. Audit logs are foundational to security and compliance: they let auditors verify that access controls work, let security teams investigate incidents after the fact, and demonstrate to regulators that the organization can answer "who did this and when." For a meeting copilot, the audit log typically records transcript access (every time a user views or exports a transcript), retention events (when transcripts were deleted), permission changes, and admin actions. SOC 2 and HIPAA both require audit logs with specific retention periods and tamper-evidence. The log itself must be append-only — a system that lets users edit or delete audit entries is, by definition, no longer an audit log.